4.5 Flashcards
Employees at a gas station observe a potential hacker trying to install a malicious device in a credit card reader. Which of the following is a layer of security that could have been implemented to detect and alert this type of criminal activity? (Select all that apply.)
Tamper detection is a layer of security is found in computers, alarm systems, surveillance systems, and even security fences. Tampering is detected when a circuit is broken or when a switch is tripped on a device.
A circuit-based alarm sounds when the circuit is opened or closed, depending on the type of alarm and can be used for tamper detection.
A duress alarm is triggered manually by staff if they come under threat. Some electronic entry locks can also be programmed with a duress code.
What considerations should a company make when selecting and training employees with authentication factors with biometric recognition? (Select all that apply.)
“Something you are” employs a type of biometric recognition system. One of the main problems with biometric technology is that users can find it intrusive and threatening to privacy.
“Something you are” employs a type of biometric recognition system. One of the main problems with biometric technology is that the technology can be discriminatory or inaccessible to those with disabilities.
“Something you are” employs a type of biometric recognition system. One of the main problems with biometric technology is the setup and maintenance costs associated with provisioning biometric readers.
“Something you are” employs a type of biometric recognition system. One of the main problems with biometric technology is that it is vulnerable to spoofing methods.
Identify the option asset tracking tags used to prevent the theft of assets.
Radio Frequency Identification (RFID) is a means of encoding information into passive tags, which can be easily attached to devices, structures, clothing, or almost anything else.
Which of the following do asset tracking tags use to allow electronic surveillance of managed assets and help prevent theft of assets?
Radio Frequency Identification (RFID) is a means of encoding information into passive tags, which can be easily attached to devices, structures, clothing, or almost anything else.
A network security administrator wants to implement a way to authenticate users based on the “something you have” authentication factor. Which of the following would satisfy this need, and create two-factor authentication when combined with an integrated fingerprint reader?
An example of two-factor authentication is a smart card with an integrated fingerprint reader. This means that to authenticate, the user must possess the card, and the user’s fingerprint must match the template.
An attacker bypassed authentication controls to gain access to an authorized area of a company building. In order to help increase the physical security posture, determine the considerations the company must make when choosing and implementing a “something you are” authentication factor with biometric recognition. (Select all that apply.)
“Something you are” employs a type of biometric recognition system. One of the main problems with biometric technology is that users can find it intrusive and threatening to privacy.
“Something you are” employs a type of biometric recognition system. One of the main problems with biometric technology is that the technology can be discriminatory or inaccessible to those with disabilities.
“Something you are” employs a type of biometric recognition system. One of the main problems with biometric technology is the setup and maintenance costs associated with provisioning biometric readers.
“Something you are” employs a type of biometric recognition system. One of the main problems with biometric technology is that it is vulnerable to spoofing methods.
Which of the following should occur after an authorized employee authenticates and unlocks a secure access point? (Select all that apply.)
Most door access controls depend on a lock mechanism, which is used to physically secure the access point until an authorized person provides authentication at the access point. A secure gateway will normally be self-closing.
Most door access controls depend on a lock mechanism, which is used to physically secure the access point until an authorized person provides authentication at the access point. A secure gateway will normally be self-closing and self-locking.
A security engineer needs to install an alarm system that incorporates a way to alert on moving heat sources. If implemented, which of the following would satisfy this criterion?
Motion detection is a motion-based alarm linked to a detector triggered by any movement within a relatively large area, such as a room. The sensors in these detectors detect moving heat sources.
Prevention-based security controls failed at a company. Now, a network administrator wants to implement video surveillance cameras to mitigate the impact of this threat in the future. Determine which actions are ensured by installing this security mechanism. (Select all that apply.)
Detection-based controls provide an important layer of defense in the event prevention-based controls fail to work. Effective surveillance mechanisms ensure attempts to penetrate a barricade are detected.
Detection-based controls provide an important layer of defense in the event prevention-based controls fail to work. Surveillance is a layer of security designed to improve the resilience of perimeter gateways.
Which of the following makes it difficult for an individual to gain access to sensitive data, supports local authentication, and can be combined with a smart card ID?
Biometric access makes it more difficult for someone to gain access to the locked room, hardware, or protected data. Some local authentication methods will support biometric readers. A smart card ID badge can also be combined with a biometric sensor.
Following a security breach at a company from unauthorized personnel, physical site security policies need to be reviewed to mitigate repeated similar threats from occurring. Which of the following options can be implemented as a preventive measure to control users; physical access to specific authorized access zones? (Select all that apply.)
Preventive controls stop an intruder from gaining unauthorized access. A photographic ID badge is a preventive control that can be implemented to restrict user access to only specific authorized zones.
Most preventive controls involve mechanisms that only allow authorized persons through access points. A lock mechanism is used to physically secure an access point until an authorized person provides authentication at the access point.
Employees observe an attacker trying to gain physical access to a credit card machine for malicious purposes. Analyze the options and determine which are viable solutions in mitigating this criminal activity. (Select all that apply.)
Tamper detection is a layer of security is found in computers, alarm systems, surveillance systems, and even security fences. Tampering is detected when a circuit is broken or when a switch is tripped on a device.
A circuit-based alarm sounds when the circuit is opened or closed, depending on the type of alarm and can be used for tamper detection.
A duress alarm is triggered manually by staff if they come under threat. Some electronic entry locks can also be programmed with a duress code.
Which physical security policies should security personnel implement to mitigate threats and act as a preventative measure to control users’ physical access to specific authorized access zones? (Select all that apply.)
Preventive controls stop an intruder from gaining unauthorized access. A photographic ID badge is a preventive control that can be implemented to restrict user access to only specific authorized zones.
Most preventive controls involve mechanisms that only allow authorized persons through access points. A lock mechanism is used to physically secure an access point until an authorized person provides authentication at the access point.
Which of the following security methods is used to prevent unauthorized users from tailgating behind authorized users into secure buildings?
Access control vestibule is where one gateway leads to an enclosed space protected by another barrier.
